ASK the Pack
Wed, May 5, 2021 8:12 AM
Is there any way to select different user traffic profiles (smartzone) when creating users based on cloudpath property management system?
5 m ago
Yes, you can use the Policy engine in Cloudpath to return a different user-role to SmartZone. You can use the UNIT name as the DPSK reference name in a policy. Using that policy, you can provide different Filter ID’s back to SmartZone.
I have a guide here, that will show an example of providing a Bronze level of service to users (25 Mbps up and down) vs Gold level of service (100 Mbps up and down) to users, but the user roles can be defined however you need to in SmartZone.
Let us use an example of a Bronze vs Gold service.
In Cloudpath we will create units and pre-pend that unit with a service level bronze vs gold.
In Cloudpath we will create a policy that returns the Ruckus-User-Group as "bronze" to SmartZone and likewise for "Gold"
In SmartZone we will create two Traffic Profiles; Bronze giving 25 Mbps up and 25 Mbps down, and Gold giving 100 Mbps up and 100 Mbps down.
Cloudpath; create a bronze and a gold unit.
If you look at the bronze unit, you can see that the DPSK reference name is named as <property_name>_<unit number>. We can use this value to build a RADIUS DPSK policy on:
In Cloudpath, let’s create 2 RADIUS policies to return the user-role to SmartZone
To test REGEX, I like to use “https://regex101.com”; this can help with syntax, example; lets make sure the regex I wrote will catch the DPSK reference name of the bronze unit and not the gold unit:
We can see that the REGEX will only match the first entry.
Now that Cloudpath is setup with policies to return a different Filter ID to SmartZone, SmartZone has to be configured to take that value and apply it to a user role.
You can test this using the CCD of SmartZone:
You can see the radius policy being hit in Cloudpath:
Hello Christopher,Thank you for your reply and detailed guide.
I did actually manage to create a similar solution. But I put all the units in the regex as a list, like this:
This will of course become an operational nightmare since you have to move users in and out of the different list when they change there subscription (could possible automate this with API). I was afraid that your solution would make a new DPSK for the tenant so they would need to change password (or change it back in the tenant portal). But i noticed that the DPSK also change name when you change unit name. So I prefer your solution. Thanks.
How can we improve?